Boston University Libraries OpenBU
    JavaScript is disabled for your browser. Some features of this site may not work without it.
    View Item 
    •   OpenBU
    • BU Open Access Articles
    • BU Open Access Articles
    • View Item
    •   OpenBU
    • BU Open Access Articles
    • BU Open Access Articles
    • View Item

    BORDERPATROL: securing BYOD using fine-grained contextual information

    Thumbnail
    Date Issued
    2019-06
    Publisher Version
    10.1109/dsn.2019.00054
    Author(s)
    Zungur, Onur
    Suarez-Tangil, Guillermo
    Stringhini, Gianluca
    Egele, Manuel
    Share to FacebookShare to TwitterShare by Email
    Export Citation
    Download to BibTex
    Download to EndNote/RefMan (RIS)
    Metadata
    Show full item record
    Permanent Link
    https://hdl.handle.net/2144/41247
    Version
    Accepted manuscript
    Citation (published version)
    Onur Zungur, Guillermo Suarez-Tangil, Gianluca Stringhini, Manuel Egele. 2019. "BORDERPATROL: securing BYOD using fine-grained contextual information." Proceedings of the IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). https://doi.org/10.1109/dsn.2019.00054
    Abstract
    Companies adopt Bring Your Own Device (BYOD) policies extensively, for both convenience and cost management. The compelling way of putting private and business related applications (apps) on the same device leads to the widespread usage of employee owned devices to access sensitive company data and services. Such practices create a security risk as a legitimate app may send business-sensitive data to third party servers through detrimental app functions or packaged libraries. In this paper, we propose BORDERPATROL, a system for extracting contextual data that businesses can leverage to enforce access control in BYOD-enabled corporate networks through fine-grained policies. BORDERPATROL extracts contextual information, which is the stack trace of the app function that generated the network traffic, on provisioned user devices and transfers this data in IP headers to enforce desired policies at network routers. BORDERPATROL provides a way to selectively prevent undesired functionalities, such as analytics activities or advertisements, and help enforce information dissemination policies of the company while leaving other functions of the app intact. Using 2,000 apps,we demonstrate that BORDERPATROL is effective in preventing packets which originate from previously identified analytics and advertisement libraries from leaving the network premises. In addition, we show BORDERPATROL’s capability in selectively preventing undesirable app functions using case studies.
    Collections
    • BU Open Access Articles [3732]
    • ENG: Electrical and Computer Engineering: Scholarly Papers [257]


    Boston University
    Contact Us | Send Feedback | Help
     

     

    Browse

    All of OpenBUCommunities & CollectionsIssue DateAuthorsTitlesSubjectsThis CollectionIssue DateAuthorsTitlesSubjects

    Deposit Materials

    LoginNon-BU Registration

    Statistics

    Most Popular ItemsStatistics by CountryMost Popular Authors

    Boston University
    Contact Us | Send Feedback | Help